[ale] OT: Java and Cookies
Denny Chambers
dchambers at bugfixer.net
Fri Aug 29 15:46:28 EDT 2003
The way I was planning to handle it was something like:
int code = urlConn.getResponseCode();
if(code == HttpURLConnection.HTTP_OK){
//Do something
}
else if(code == HttpURLConnection.HTTP_MOVED_TEMP ||
code == HttpURLConnection.HTTP_MOVED_PERM ||
code == 307 /* HttpURLConnection doesn't have a define for this, but
according to the HTTP spec it should be used over 302 */){
//Handle redirect
}
Christopher Fowler wrote:
>On Fri, Aug 29, 2003 at 02:21:18PM -0500, Denny Chambers wrote:
>
>
>>I am having my own problem, that maybe you can help with. I send a POST
>>request to a URL with HttpURLConnection. tha URL sends back a 302
>>Redirect. The problem happens when the HttpURLConnection goes to follow
>>the redirect, it changes the request to a GET, and I loose the data that
>>I was passing. Any clue on getting around this, before I start hacking
>>it up and handling the redirect myself? Does this sound like a bug, or
>>is this just the way redirects work? Sounds like a bug to me?
>>
>>
>
>This is the problem that I'm having. So either we are experiencing the
>same thing or we both suck. I fixed it with my hacked up code. When
>I get the 302 I have to get the files and also pass the cookie. The only
>way I found this out is by using a redirector I wrote in C that simply logs
>all data going to the remote site to a file. I just then tell Java to connect
>to 127.0.0.1
>
>I dump html to /tmp and use appletviewer to look at it. I tried to
>use JEditPane.setPage("file:/tmp/test.html") to run the html file
>with the applet but it says I have not java. Is there a way to
>fix that?
>
>
>
>
>>Denny
>>
>>
>>
>>
>>Christopher Fowler wrote:
>>
>>
>>
>>>On Fri, Aug 29, 2003 at 01:18:21PM -0500, Denny Chambers wrote:
>>>
>>>
>>>
>>>
>>>>Hey, It just so happens I am working on HttpURLConnection stuff right
>>>>now. It sounds like the page that returns the frame sets does not return
>>>>a Set-Cookie, but frame source URLs do return cookies. Is this correct?
>>>>
>>>>
>>>>
>>>>
>>>Actually it does do a set cookie. Look at my hack code:
>>>
>>>import java.net.*;
>>>import java.io.*;
>>>
>>>public class Soc {
>>>
>>> public static void main (String args[]) {
>>> String cookie = null;
>>> String message = new String (
>>> "POST /auth.asp HTTP/1.1\r\n" +
>>> "Content-Length: 45\r\n" +
>>> "Content-Type: application/x-www-form-urlencoded\r\n" +
>>> "User-Agent: Java/1.4.1_02\r\n" +
>>> "Host: 127.0.0.1\r\n" +
>>> "Accept: text/html, image/gif, image/jpeg, *; q=.2,
>>> */*; q=.2\r\n" +
>>> "Connection: keep-alive\r\n" +
>>> "\r\n" +
>>> "login=super&password=smart&action_login=Login");
>>> try {
>>> Socket soc = new Socket("127.0.0.1", 80);
>>> OutputStream os = soc.getOutputStream();
>>> BufferedReader br = new BufferedReader(
>>> new
>>> InputStreamReader(soc.getInputStream()));
>>> os.write(message.getBytes());
>>> String s;
>>> while((s = br.readLine()) != null) {
>>> if(s.startsWith("Set-Cookie:") == true) {
>>> cookie = s.substring(12, s.indexOf(';'));
>>> }
>>> }
>>> soc.close();
>>> } catch (Exception exp) {
>>> System.err.println("Error: " + exp.getMessage());
>>> System.exit(1);
>>> }
>>>
>>> if(cookie == null) {
>>> System.err.println("Authentication failure!\n");
>>> System.exit(1);
>>> }
>>>
>>> try {
>>> String s;
>>> URL url = new URL("http://127.0.0.1/title_app.asp");
>>> HttpURLConnection connection =
>>> (HttpURLConnection)url.openConnection();
>>> connection.setRequestProperty("Cookie", cookie);
>>> connection.setRequestProperty("Referrer",
>>> "http://127.0.0.1/auth.asp");
>>> BufferedReader br = new BufferedReader(new
>>> InputStreamReader(connection.getInputStream()));
>>> while((s = br.readLine()) != null) {
>>> System.out.println(s);
>>> }
>>> } catch (Exception exp) {
>>> System.err.println("Error: " + exp.getMessage());
>>> System.exit(1);
>>> }
>>>
>>> }
>>>}
>>>
>>>/* vi: set ts=4 sw=4 :*/
>>>
>>>
>>>This is crappy hack code. I'd prefer to do it wit classes.
>>>
>>>
>>>
>>>
>>>>I am not sure how the HttpURLConnection works with frames. Does it try
>>>>to download each frame URL automatically? If so what you need are those
>>>>URLConnections. From looking at your code what your looking for is a
>>>>Set-Cookie header from the response that is returning the FrameSet HTML
>>>>code, if that code does not send a cookie, you will not get one looking
>>>>at that response data. If the HttpURLConnection is automatically making
>>>>the request for all of the frame src, then that is telling me that the
>>>>HttpURLConnection has a ContentHandler class that is parsing the html
>>>>data, and making the necessary request. If that is true, then your
>>>>answer may be in the ContentHandler class.
>>>>
>>>>
>>>>
>>>>
>>>Could be. The response is a redirect response. The redirected page
>>>is the page with all the framesets.
>>>
>>>
>>>
>>>
>>>
>>>>HTH,
>>>>Denny
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>I'm trying to do a POST and grab a cookie to be used for later
>>>>>authentication. I hope that maybe you guys have done this
>>>>>before. The aut.asp page is a simple POST form. When the
>>>>>form is submitted it returns a frameset and a cookie. I can
>>>>>not seem to get the the HttpURLConnection to get the cookie. It
>>>>>seems that the conneciton does the post and then tries to
>>>>>receive each page of the framset. However, I do not see
>>>>>and Cookies: being sent with those GET requests. Is there a
>>>>>way to get this code to use the Set-Cookie that is being sent
>>>>>back.
>>>>>
>>>>>---------- Cut Here --------------------------------
>>>>>
>>>>>public static void main(String args[]) {
>>>>> InputStream is;
>>>>> int data;
>>>>> String s;
>>>>> DataOutputStream printout;
>>>>> String c;
>>>>> try {
>>>>> URL url = new URL("http://127.0.0.1/auth.asp");
>>>>> HttpURLConnection connection =
>>>>> (HttpURLConnection)u.openConnection();
>>>>> String emit = "login=super&password=smart&action_login=Login";
>>>>> connection.setRequestProperty("Content-Length", "" +
>>>>> emit.length());
>>>>> connection.setRequestProperty("Content-Type",
>>>>> "application/x-www-form-urlencoded");
>>>>> connection.setUseCaches (false);
>>>>> connection.setDoInput(true);
>>>>> connection.setDoOutput(true);
>>>>> connection.setFollowRedirects(false);
>>>>> /* Not used now
>>>>> connection.setRequestProperty(
>>>>> "Authorization",
>>>>> "Basic " + "cm9vdDpwYXNzd29yZA=="
>>>>> );
>>>>> */
>>>>> connection.setDoOutput(true);
>>>>> connection.setDoInput(true);
>>>>> printout = new DataOutputStream (connection.getOutputStream ());
>>>>> printout.writeBytes (emit);
>>>>> printout.flush ();
>>>>> printout.close ();
>>>>> c = connection.getHeaderField("Set-Cookie");
>>>>> System.out.println("Cookie: " + c);
>>>>> BufferedReader br = new BufferedReader(new
>>>>> InputStreamReader(connection.getInputStream()));
>>>>> System.out.flush();
>>>>> while((s = br.readLine()) != null) {
>>>>> System.out.println(s);
>>>>> }
>>>>> } catch (Exception Exp) {
>>>>> System.err.println("Error: " + Exp.getMessage());
>>>>> System.exit(1);
>>>>> }
>>>>>}
>>>>>
>>>>>
>>>>>---------- Cut Here --------------------------------
>>>>>_______________________________________________
>>>>>Ale mailing list
>>>>>Ale at ale.org
>>>>>http://www.ale.org/mailman/listinfo/ale
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>_______________________________________________
>>>Ale mailing list
>>>Ale at ale.org
>>>http://www.ale.org/mailman/listinfo/ale
>>>
>>>
>>>
>>>
>>>
>>>
>
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://www.ale.org/mailman/listinfo/ale
>
>
>
>
S/MIME Cryptographic Signature
More information about the Ale
mailing list